Yingpeng Sang

Secure Data Aggregation in Wireless Sensor Networks: A Survey

Data aggregation is a widely used technique in wireless sensor networks. The security issues, data confidentiality and integrity, in data aggregation become vital when the sensor network is deployed in a hostile environment. There has been many related work proposed to address these security issues. In this paper we survey these work and classify them into two cases: hop-by-hop encrypted data aggregation and end-to-end encrypted data aggregation. We also propose two general frameworks for the two cases respectively. The framework for end-to-end encrypted data aggregation has higher computation cost on the sensor nodes, but achieves stronger security, in comparison with the framework for hop-by-hop encrypted data aggregation

Efficient and secure protocols for privacy-preserving set operations

Many applications require performing set operations without publishing individual datesets. In this article, we address this problem for five fundamental set operations including set intersection, cardinality of set intersection, element reduction, overthreshold set-union, and subset relation. Our protocols are obtained in the universally composable security framework, in the assumption of the probabilistic polynomial time bounded adversary, which actively controls a fixed set of t parties and the assumption of an authenticated broadcast channel. Our constructions utilize building blocks of nonmalleable NonInteractive Zero-Knowledge (NIZK) arguments, which are based on a (t + 1,N)-threshold version (N is the number of parties in the protocol) of the boneh-goh-nissim (BGN) cryptosystem whose underlying group supports bilinear maps, in the assumption that the public key and shares of the secret key have been generated by a trusted dealer. The previous studies were all based on the stand-alone model with the same assumptions on the adversary, broadcast channel, and key generation. For the first four operations, we propose protocols that improve the previously known results by an O(N) factor in the computation and communication complexities. For the subset relation, our protocol is the first one secure against the active adversary. Our constructions of NIZK have independent interest in that, though also mentioned as building blocks, the previous work did not illustrate how to construct them. We construct these NIZK with an additional nonmalleable property, the same complexity as claimed in the previous work, and also an improvement on the communication complexity.

Efficient protocols for privacy preserving matching against distributed datasets

When datasets are distributed on different sources, finding out matched data while preserving the privacy of the datasets is a widely required task. In this paper, we address two matching problems against the private datasets on N (N≥2) parties. The first one is the Privacy Preserving Set Intersection (PPSI) problem, in which each party wants to learn the intersection of the N private datasets. The second one is the Privacy Preserving Set Matching (PPSM) problem, in which each party wants to learn whether its elements can be matched in any private set of the other parties. For the two problems we propose efficient protocols based on a threshold cryptosystem which is additive homomorphic. In a comparison with the related work in [18], the computation and communication costs of our PPSI protocol decrease by 81% and 17% respectively, and the computation and communication costs of our PPSM protocol decrease by 80% and 50% respectively. In practical utilities both of our protocols save computation time and communication bandwidth.

Novel impostors detection in keystroke dynamics by support vector machine

To detect the novel impostors whose data patterns have never been learned previously in keystroke dynamics, two solutions are proposed in this paper. Unlike most other research in keystroke dynamics, this paper surveys the performance tradeoff and time consumption, which are valuable for practical implementation, of the solutions. Besides, it is our intention to attempt verifying computer users’ identities based on pure numeric password which is more difficult than verification of any other kinds of passwords.

Effective Reconstruction of Data Perturbed by Random Projections

Random Projection (RP) has raised great concern among the research community of privacy-preserving data mining, due to its high efficiency and utility, e.g., keeping the euclidean distances among the data points. It was shown in [33] that, if the original data set composed of m attributes is multiplied by a mixing matrix of k\times m (m>;k) which is random and orthogonal on expectation, then the k series of perturbed data can be released for mining purposes. Given the data perturbed by RP and some necessary prior knowledge, to our knowledge, little work has been done in reconstructing the original data to recover some sensitive information. In this paper, we choose several typical scenarios in data mining with different assumptions on prior knowledge. For the cases that an attacker has full or zero knowledge of the mixing matrix R, respectively, we propose reconstruction methods based on Underdetermined Independent Component Analysis (UICA) if the attributes of the original data are mutually independent and sparse, and propose reconstruction methods based on Maximum A Posteriori (MAP) if the attributes of the original data are correlated and nonsparse. Simulation results show that our reconstructions achieve high recovery rates, and outperform the reconstructions based on Principal Component Analysis (PCA). Successful reconstructions essentially mean the leakage of privacy, so our work identify the possible risks of RP when it is used for data perturbations.

Privacy-Preserving Data Publishing for Multiple Numerical Sensitive Attributes

Anonymized data publication has received considerable attention from the research community in recent years. For numerical sensitive attributes, most of the existing privacy-preserving data publishing techniques concentrate on microdata with multiple categorical sensitive attributes or only one numerical sensitive attribute. However, many real-world applications can contain multiple numerical sensitive attributes. Directly applying the existing privacy-preserving techniques for single-numerical-sensitive-attribute and multiple-categorical-sensitive-attributes often causes unexpected disclosure of private information. These techniques are particularly prone to the proximity breach, which is a privacy threat specific to numerical sensitive attributes in data publication. In this paper, we propose a privacy-preserving data publishing method, namely MNSACM, which uses the ideas of clustering and Multi-Sensitive Bucketization (MSB) to publish microdata with multiple numerical sensitive attributes. We use an example to show the effectiveness of this method in privacy protection when using multiple numerical sensitive attributes.

Diffusion Wavelets-Based Analysis on Traffic Matrices

Traffic matrix describes the traffic volumes traversing the network from the input nodes to the exit nodes over a measured period. Such a matrix is very hard, if not intractable, to be obtained for a large network. We apply a new technique to analyze the traffic matrix by use of diffusion wavelet in this paper. It is shown that diffusion wavelet can do an efficient multi-resolution analysis on TM. The original TM can be reconstructed by choosing the diffused traffic in a particular level. This paper also shows there are a lot of potential applications by use of diffusion wavelet-based analysis on traffic matrix.

New methods for network traffic matrix estimation based on a probability model

Traffic matrix is of great help in many network applications. However, it is very difficult, if not intractable, to estimate the traffic matrix for a large-scale network. This is because the estimation problem from limited link measurements is highly under-constrained. We propose a simple probability model for a large-scale practical network. The probability model is then generalized to a general model by including random traffic data. Traffic matrix estimation is then conducted under these two models by two minimization methods. It is shown that the Normalized Root Mean Square Errors of these estimates under our model assumption are very small. For a large-scale network, the traffic matrix estimation methods also perform well. The comparison of two minimization methods shown in the simulation results complies with the analysis.

Reconstructing data perturbed by random projections when the mixing matrix is known

Random Projection (

Achieving Probabilistic Anonymity in a Linear and Hybrid Randomization Model

\mathcal{RP}